Authentication
Advanced Settings
Vigor1000 Series User's Guide
Type – There are two types for you to choose for
authentication.
If you choose Certificate as the Type, you have to specify
one of the local certificates.
If you choose Pre-Shared Secret as the Type, you have to
type and confirm the shared secret. IPSec remote dial-in
clients will use the given secret.
Phase 1 (IKE) - Negotiation of IKE parameters including
encryption, hash, Diffie-Hellman parameter values, and
lifetime to protect the following IKE exchange,
authentication of both peers using either a Pre-Shared Key
or Digital Signature (x.509). The peer that starts the
negotiation proposes all its policies to the remote peer and
then remote peer tries to find a highest-priority match with
its policies.
Phase 2 (IPSec) - Negotiation IPSec security methods
including Authentication Header (AH) or Encapsulating
Security Payload (ESP) for the following IKE exchange
and mutual examination of the secure tunnel establishment.
153